Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd83d413 by Salvatore Bonaccorso at 2020-03-21T10:25:57+01:00
Track proposed update for node-dot via buster-pu
- - - - -
64b24e5c by Salvatore Bonaccorso at 2020-03-21T10:26:31+01:00
Mark CVE-2020-8141/node-dot
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5938,6 +5938,7 @@ CVE-2020-8142
RESERVED
CVE-2020-8141 (The dot package v1.1.2 uses Function() to compile templates.
This can ...)
- node-dot 1.1.3+ds-1
+ [buster] - node-dot <no-dsa> (Will be fixed via point release)
NOTE: https://hackerone.com/reports/390929
CVE-2020-8140 (A code injection in Nextcloud Desktop Client 2.6.2 for macOS
allowed t ...)
TODO: check
=====================================
data/next-point-update.txt
=====================================
@@ -53,3 +53,5 @@ CVE-2020-9543
[buster] - manila 1:7.0.0-1+deb10u1
CVE-2019-13453
[buster] - zipios++ 0.1.5.9+cvs.2007.04.28-10+deb10u1
+CVE-2020-8141
+ [buster] - node-dot 1.1.1-1+deb10u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07fa609c26f6879dc58e94bad08e691dc8645c1c...64b24e5c2ffebff9497c33b905a00637b702e1b1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/07fa609c26f6879dc58e94bad08e691dc8645c1c...64b24e5c2ffebff9497c33b905a00637b702e1b1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
